Back to Blog

2024 So Far: Recordkeeping Revamps and Regulatory Rigor

Sean Stapleton

The typical narrative is that as time passes, digital regulation becomes more stringent. Accountability becomes a greater requirement as technology continues to advance and occupy a more meaningful proportion of our professional lives. There’s nothing new here, and yet recent regulatory activity has been even more intense than expected across a variety of global organizations.

Stateside, the Securities Exchange Commission (SEC) and Financial Regulation Authority (FINRA) are continuing to demonstrate characteristic aggression while expanding the demands placed on firms under their jurisdiction. Meanwhile, in the UK, the Financial Conduct Authority (FCA) appears to have woken up from a period of relative indifference.

FINRA 

FINRA’s 2024 Regulatory Oversight Report provided new steps for firms to implement in their quest for compliance. Companies are now asked what they are doing to capture business correspondence through off-channel avenues, and whether they are actively monitoring for new communications platforms that may be available to advisers.

 FINRA directly recommends that firms surveil if approved channels are underutilized, signifying that alternatives are being used. They’re also asked to look out for ‘indicia of communications occurring off-channel', i.e. references to other conversations on unsanctioned domains.

These updates are significant because of what they represent. Trusting employees to follow protocol is no longer enough - the surveillance element is now more pronounced, and compliance teams are expected to do the detective work to understand the regulatory landscape and make sure employee conduct is appropriate. This places a greater burden of responsibility across every organization, and makes it very difficult for leaders to look the other way and then plead ignorance.

SEC

Applying standards across the industry

We’re all aware of the industry’s ongoing probe into “off channel” communications, i.e. the WhatsApp fines, which have dominated headlines for a couple of years now. On April 3, 2024, the SEC announced its first enforcement action against a registered investment adviser (RIA) with no ties to a broker-dealer. 

This action is a statement of intent - it exemplifies Enforcement Director Gurbir Grewal’s desire to apply fundamental standards across the industry, and not just to the eye-catching JP Morgans of this world. This is not a box-ticking exercise, but a shift to the ‘culture of proactive compliance’ that he strives for.

Self-Reporting

Following criticism around arbitrary enforcement, the SEC has denied that it is ‘picking numbers at random’ when determining fines around off-channel communications. Rather than the size of a firm or scope of their misconduct, the most impactful factor is in fact whether a company has self-reported their violations. 

 By providing an opportunity for companies to self-report on past lapses and establish the correct compliance procedures proactively in exchange for leniency, the SEC is clearly trying to expedite the process of cultural upheaval.

Marketing Rule

The marketing rule signaled a regulatory evolution when it landed in late 2022. Consumer protection was top of the agenda, but it has taken some time for the regulator to bare its teeth on enforcement. We are now seeing some progress, with companies being held accountable for passing outlandish speculation as legitimate advice. 

 In April the SEC imposed $200,000 in fines over marketing rule violations. Five RIAs were charged, with all five accepting that they misled consumers by advertising model performance which they could not substantiate. GeaSphere LLC was hit with the heaviest penalty of $100,000. 

 Another Risk Alert was issued around this time, with the regulator addressing common marketing rule pitfalls like those mentioned above.

“The findings point to numerous instances of noncompliance, ranging from unsubstantiated claims to misleading advertising tactics, raising concerns about the transparency and accuracy of information available to investors.” 

FCA 

Historically, the FCA has developed a reputation for weak enforcement, particularly in comparison to its US counterparts. This report from the National Audit Office (NAO) in December 2023 acknowledged that in order to match the UK government’s ambitions for the sector, they would need to improve on past ‘regulatory failures’. In recent months, they have obliged.

In November 2023, they issued a call-to-action highlighting lapses around Consumer Duty compliance, including the promotion of high-risk or complex products, opacity on fees, and insufficient consideration of consumer understanding. The regulator also began to directly engage with noncompliant firms, conducting onsite visits and issuing Section 165 information requests.

In March 2024, following a review into retirement income advice, the FCA wrote to the CEOs of financial firms and told them to review their processes. They also warned that ‘the honeymoon period is over’ around Consumer Duty enforcement, and revealed plans to publicly share details of any businesses under investigation. 

The ‘name and shame’ policy was met with widespread backlash across the industry, including British Chancellor of the Exchequer, Jeremy Hunt. While unpopular, it signifies how unprecedented and potentially impactful the FCA’s change of strategy can be.

 How can firms keep up?

As we can see from the three organizations highlighted above, it has been a particularly busy start to 2024 across regulatory compliance. It’s easy to wonder when it all ends - if regulations are in a constant state of flux, is there really any point shooting at a perennially moving target? 

The answer is a resounding ‘yes’. Regulatory enforcement is on the rise across compliance, so there could be very real and expensive consequences for those that don’t comply. Crucially, transparency is also on the rise. Regulators across global finance are being extremely candid and detailed about their expectations, and while those demands may be new and frustrating for many, at least firms know exactly where they stand. 

There’s no ambiguity here. It would be foolish to ignore such precise instructions, and if that is what transpires, companies will only have themselves to blame.

How MW can Help

MirrorWeb Insight captures all digital communications, from iMessage and websites to social media and WhatsApp. This banishes limitations and ensures accountability, evolving with increasing demand and empowering a culture of proactive compliance across your firm.

Insight’s feature set was built with supervision in mind, to lighten the load for compliance personnel and to streamline the processes critical to full regulatory oversight. Proactivity is rewarded, so book a demo above for a closer look!

More from the Blog

Whatsapp Compliance, Self-Reporting, and Ripping off the Band-Aid

The SEC has incentivized firms to self-report on off-channel violations. We look into the process and its benefits.

Read Story

FINRA Report 2024: Recordkeeping Takeaways

Key recordkeeping teakeaways from the 2024 FINRA Annual Regulatory Oversight Report.

Read Story

How MirrorWeb Evolves with Demand

Adaptability is vital in the world of communications surveillance. This blog looks at MirrorWeb’s journey as a company, and why it's helped us be agile and reactive to a challenging regulatory landscape.

Read Story

See what we can do for you.

Let us show you why MirrorWeb is trusted by organizations across the globe for their compliance and digital preservation needs.